package com.yitiao.controller;

import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/menu")
public class MenuController {

    @GetMapping("/system")
    @PreAuthorize("hasAuthority('menu:system')")
    public String system(){
        return  "system";
    }

    @GetMapping("/user")
    @PreAuthorize("hasAuthority('menu:user')")
    public String user(){
        return  "user";
    }

    /**
     *  @PostAuthorize()
     *  在方法之后做检验，一般用来对返回值的处理
     */

}
